Automatically configure API token cache

Previously we required each API app to use efficient caching practices. This DRYs up the manual, repetitive caching config, so that we always cache bearer token responses unless configured otherwise.
alphagov · Oct 26, 2020 · 2d5df7c · 2d5df7c
1 parent 915a285
commit 2d5df7c
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 22 deletions.
diff --git a/README.md b/README.md
@@ -20,15 +20,6 @@ Some of the applications that use this gem:
   gem 'gds-sso', '<version>'
   ```
 
-- Create `config/initializers/gds-sso.rb`:
-
-  ```ruby
-  GDS::SSO.config do |config|
-    # Pass in a caching adapter cache bearer token requests.
-    config.cache = Rails.cache
-  end
-  ```
-
 - Create a "users" table in the database: ([example migration with all the necessary fields](https://github.com/alphagov/content-publisher/blob/16c58a40745c1ea61ec241e5aeb702ae15238f98/db/migrate/20160622154200_create_users.rb))
 
 - Create a User model with the following:
@@ -93,22 +84,11 @@ as an [API user](https://signon.publishing.service.gov.uk/api_users).
 To authorise with a bearer token, a request has to be made with the header:
 
 ```
+# See https://github.com/alphagov/gds-api-adapters#app-level-authentication
 Authorization: Bearer your-token-here
 ```
 
-This gem will then authenticate the token with the Signon application. If
-valid, the API client will be authorised in the same way as a single-sign-on
-user. The [gds-api-adapters gem](https://github.com/alphagov/gds-api-adapters#app-level-authentication)
-has functionality for sending the bearer token for each request. To avoid making
-these requests for each incoming request, specify a caching adapter like `Rails.cache`:
-
-```ruby
-GDS::SSO.config do |config|
-  # ...
-  # Pass in a caching adapter cache bearer token requests.
-  config.cache = Rails.cache
-end
-```
+To avoid making these requests for each incoming request, this gem will [automatically cache a successful response](https://github.com/alphagov/gds-sso/blob/master/lib/gds-sso/bearer_token.rb), using the [Rails cache](https://github.com/alphagov/gds-sso/blob/master/lib/gds-sso/railtie.rb).
 
 If you are using a Rails 5 app in
 [api_only](http://guides.rubyonrails.org/api_app.html) mode this gem will

diff --git a/lib/gds-sso.rb b/lib/gds-sso.rb
@@ -6,6 +6,8 @@
 require "omniauth"
 require "omniauth-gds"
 
+require "gds-sso/railtie" if defined?(Rails)
+
 module GDS
   module SSO
     autoload :FailureApp,        "gds-sso/failure_app"

diff --git a/lib/gds-sso/railtie.rb b/lib/gds-sso/railtie.rb
@@ -0,0 +1,11 @@
+module GDS
+  module SSO
+    class Railtie < Rails::Railtie
+      initializer "gds-sso.initializer" do |app|
+        GDS::SSO.config do |config|
+          config.cache = Rails.cache
+        end
+      end
+    end
+  end
+end
diff --git a/spec/unit/railtie_spec.rb b/spec/unit/railtie_spec.rb
@@ -0,0 +1,10 @@
+require "rails"
+require "spec_helper"
+
+RSpec.describe GDS::SSO::Railtie do
+  let(:cache) { double(:cache) }
+
+  it "re-uses the Rails cache" do
+    expect(GDS::SSO::Config.cache).to eq Rails.cache
+  end
+end